Jitsi auth: introduce openid token

matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/room/model/thirdparty/OpenIdToken.kt

@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2021 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.api.session.room.model.thirdparty
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * This class holds the response for openId request_token API
+ * See https://matrix.org/docs/spec/client_server/latest#post-matrix-client-r0-user-userid-openid-request-token
+ */
+@JsonClass(generateAdapter = true)
+data class OpenIdToken(
+        /**
+         * Required. An access token the consumer may use to verify the identity of the person who generated the token.
+         * This is given to the federation API GET /openid/userinfo to verify the user's identity.
+         */
+        @Json(name = "access_token") val accessToken: String,
+        /**
+         * Required. The string Bearer.
+         */
+        @Json(name = "token_type") val tokenType: String,
+        /**
+         * Required. The homeserver domain the consumer should use when attempting to verify the user's identity.
+         */
+        @Json(name = "matrix_server_name") val matrix_server_name: String,
+        /**
+         * Required. The number of seconds before this token expires and a new one must be generated.
+         */
+        @Json(name = "expires_in") val expires_in: Int
+)

matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/thirdparty/ThirdPartyService.kt

@@ -16,6 +16,7 @@
 
 package org.matrix.android.sdk.api.session.thirdparty
 
+import org.matrix.android.sdk.api.session.room.model.thirdparty.OpenIdToken
 import org.matrix.android.sdk.api.session.room.model.thirdparty.ThirdPartyProtocol
 import org.matrix.android.sdk.api.session.thirdparty.model.ThirdPartyUser
 
@@ -36,4 +37,11 @@ interface ThirdPartyService {
      * @param fields One or more custom fields that are passed to the AS to help identify the user.
      */
     suspend fun getThirdPartyUser(protocol: String, fields: Map<String, String> = emptyMap()): List<ThirdPartyUser>
+
+    /**
+     * Gets an OpenID token object that the requester may supply to another service to verify their identity in Matrix.
+     * The generated token is only valid for exchanging for user information from the federation API for OpenID.
+     */
+    suspend fun getOpenIdToken(): OpenIdToken
+
 }

matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/thirdparty/DefaultThirdPartyService.kt

@@ -16,13 +16,15 @@
 
 package org.matrix.android.sdk.internal.session.thirdparty
 
+import org.matrix.android.sdk.api.session.room.model.thirdparty.OpenIdToken
 import org.matrix.android.sdk.api.session.room.model.thirdparty.ThirdPartyProtocol
 import org.matrix.android.sdk.api.session.thirdparty.ThirdPartyService
 import org.matrix.android.sdk.api.session.thirdparty.model.ThirdPartyUser
 import javax.inject.Inject
 
 internal class DefaultThirdPartyService @Inject constructor(private val getThirdPartyProtocolTask: GetThirdPartyProtocolsTask,
-                                                            private val getThirdPartyUserTask: GetThirdPartyUserTask)
+                                                            private val getThirdPartyUserTask: GetThirdPartyUserTask,
+                                                            private val getOpenIdTokenTask: GetOpenIdTokenTask)
     : ThirdPartyService {
 
     override suspend fun getThirdPartyProtocols(): Map<String, ThirdPartyProtocol> {
@@ -36,4 +38,8 @@ internal class DefaultThirdPartyService @Inject constructor(private val getThird
         )
         return getThirdPartyUserTask.execute(taskParams)
     }
+
+    override suspend fun getOpenIdToken(): OpenIdToken {
+        return getOpenIdTokenTask.execute(Unit)
+    }
 }

matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/thirdparty/GetOpenIdTokenTask.kt

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.session.thirdparty
+
+import org.matrix.android.sdk.api.session.room.model.thirdparty.OpenIdToken
+import org.matrix.android.sdk.internal.di.UserId
+import org.matrix.android.sdk.internal.network.GlobalErrorReceiver
+import org.matrix.android.sdk.internal.network.executeRequest
+import org.matrix.android.sdk.internal.task.Task
+import javax.inject.Inject
+
+internal interface GetOpenIdTokenTask : Task<Unit, OpenIdToken>
+
+internal class DefaultGetOpenIdTokenTask @Inject constructor(
+        private val thirdPartyAPI: ThirdPartyAPI,
+        private val globalErrorReceiver: GlobalErrorReceiver,
+        @UserId private val userId: String
+) : GetOpenIdTokenTask {
+
+    override suspend fun execute(params: Unit): OpenIdToken {
+        return executeRequest(globalErrorReceiver) {
+            thirdPartyAPI.requestOpenIdToken(userId)
+        }
+    }
+}

matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/thirdparty/ThirdPartyAPI.kt

@@ -16,6 +16,7 @@
 
 package org.matrix.android.sdk.internal.session.thirdparty
 
+import org.matrix.android.sdk.api.session.room.model.thirdparty.OpenIdToken
 import org.matrix.android.sdk.api.session.room.model.thirdparty.ThirdPartyProtocol
 import org.matrix.android.sdk.api.session.thirdparty.model.ThirdPartyUser
 import org.matrix.android.sdk.internal.network.NetworkConstants
@@ -41,4 +42,16 @@ internal interface ThirdPartyAPI {
     @GET(NetworkConstants.URI_API_PREFIX_PATH_R0 + "thirdparty/protocols/user/{protocol}")
     suspend fun getThirdPartyUser(@Path("protocol") protocol: String,
                                   @QueryMap params: Map<String, String>?): List<ThirdPartyUser>
+
+    /**
+     * Gets an OpenID token object that the requester may supply to another service to verify their identity in Matrix.
+     * The generated token is only valid for exchanging for user information from the federation API for OpenID.
+     * The access token generated is only valid for the OpenID API. It cannot be used to request another OpenID access token or call /sync, for example.
+     *
+     * Ref: https://matrix.org/docs/spec/client_server/latest#post-matrix-client-r0-user-userid-openid-request-token
+     */
+    @GET(NetworkConstants.URI_API_PREFIX_PATH_R0 + "user/{userId}/openid/request_token")
+    suspend fun requestOpenIdToken(@Path("userId") userId: String): OpenIdToken
+
+
 }

matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/thirdparty/ThirdPartyModule.kt

@@ -44,4 +44,7 @@ internal abstract class ThirdPartyModule {
 
     @Binds
     abstract fun bindGetThirdPartyUserTask(task: DefaultGetThirdPartyUserTask): GetThirdPartyUserTask
+
+    @Binds
+    abstract fun bindGetOpenIdTokenTask(task: DefaultGetOpenIdTokenTask): GetOpenIdTokenTask
 }